[GeoNode-devel] Geonode/Geoserver upgrade

Emere Arco emere.arco at gmail.com
Mon Nov 6 02:28:00 PST 2023


Dear all,

On the university server we have installed a Geonode 3.2.2 (with Geoserver
2.18).

The GARR (the provider that connects the universities) has reported a
vulnerability on our server and asks us to act accordingly. The
vulnerabilities are:

   - CVE-2022-24816 <https://nvd.nist.gov/vuln/detail/CVE-2022-24816>
   - CVE-2023-25157 <https://nvd.nist.gov/vuln/detail/CVE-2023-25157>

It is my understanding that an update of the Geoserver version is required
to solve the second vulnerability.

Unfortunately I'm not very experienced in Geonode/Geoserver installation
but I imagine that upgrading Geoserver requires a new installation/upgrade
of Geonode as well.
I wanted to know if it is possible to upgrade just Geoserver (and if there
are any guides available for data migration) or if it is necessary to
upgrade and reinstall Geonode entirely (and if so what are the best
practices to adopt).

Thank you in advance for your support.
Kind regards,

Emere Arco
Polytechnic of Turin - DIST Dep. - SDG11Lab
<https://www.dist.polito.it/en/the_department/laboratory/sdg11lab>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20231106/9ef280c6/attachment.htm>


More information about the geonode-devel mailing list